EP3216193A4 - Modélisation de menaces recombinante - Google Patents

Modélisation de menaces recombinante Download PDF

Info

Publication number
EP3216193A4
EP3216193A4 EP15864976.4A EP15864976A EP3216193A4 EP 3216193 A4 EP3216193 A4 EP 3216193A4 EP 15864976 A EP15864976 A EP 15864976A EP 3216193 A4 EP3216193 A4 EP 3216193A4
Authority
EP
European Patent Office
Prior art keywords
threat modeling
recombinant threat
recombinant
modeling
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
EP15864976.4A
Other languages
German (de)
English (en)
Other versions
EP3216193B1 (fr
EP3216193A2 (fr
Inventor
Gregory Robert REITH
Brett Christopher PEPPE
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
T Mobile USA Inc
Original Assignee
T Mobile USA Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to US201462088479P priority Critical
Priority to US14/958,792 priority patent/US10216938B2/en
Application filed by T Mobile USA Inc filed Critical T Mobile USA Inc
Priority to PCT/US2015/064034 priority patent/WO2016090269A2/fr
Publication of EP3216193A2 publication Critical patent/EP3216193A2/fr
Publication of EP3216193A4 publication Critical patent/EP3216193A4/fr
Application granted granted Critical
Publication of EP3216193B1 publication Critical patent/EP3216193B1/fr
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system
EP15864976.4A 2014-12-05 2015-12-04 Modélisation de menaces recombinante Active EP3216193B1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US201462088479P true 2014-12-05 2014-12-05
US14/958,792 US10216938B2 (en) 2014-12-05 2015-12-03 Recombinant threat modeling
PCT/US2015/064034 WO2016090269A2 (fr) 2014-12-05 2015-12-04 Modélisation de menaces recombinante

Publications (3)

Publication Number Publication Date
EP3216193A2 EP3216193A2 (fr) 2017-09-13
EP3216193A4 true EP3216193A4 (fr) 2018-07-11
EP3216193B1 EP3216193B1 (fr) 2019-11-13

Family

ID=56092676

Family Applications (1)

Application Number Title Priority Date Filing Date
EP15864976.4A Active EP3216193B1 (fr) 2014-12-05 2015-12-04 Modélisation de menaces recombinante

Country Status (4)

Country Link
US (1) US10216938B2 (fr)
EP (1) EP3216193B1 (fr)
CN (1) CN107251038A (fr)
WO (1) WO2016090269A2 (fr)

Families Citing this family (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017052643A1 (fr) * 2015-09-25 2017-03-30 Hewlett Packard Enterprise Development Lp Associations entre enregistrements de données dans une plate-forme de partage d'informations de sécurité
US10754984B2 (en) 2015-10-09 2020-08-25 Micro Focus Llc Privacy preservation while sharing security information
US9948663B1 (en) * 2015-12-07 2018-04-17 Symantec Corporation Systems and methods for predicting security threat attacks
US10291634B2 (en) 2015-12-09 2019-05-14 Checkpoint Software Technologies Ltd. System and method for determining summary events of an attack
US10440036B2 (en) * 2015-12-09 2019-10-08 Checkpoint Software Technologies Ltd Method and system for modeling all operations and executions of an attack and malicious process entry
US9998480B1 (en) 2016-02-29 2018-06-12 Symantec Corporation Systems and methods for predicting security threats
US10771492B2 (en) * 2016-09-22 2020-09-08 Microsoft Technology Licensing, Llc Enterprise graph method of threat detection
US20180103054A1 (en) * 2016-10-10 2018-04-12 BugCrowd, Inc. Vulnerability Detection in IT Assets by utilizing Crowdsourcing techniques
US10771483B2 (en) * 2016-12-30 2020-09-08 British Telecommunications Public Limited Company Identifying an attacked computing device
US10255439B2 (en) 2017-05-17 2019-04-09 Threatmodeler Software Inc. Threat modeling systems and related methods including compensating controls
US10713366B2 (en) 2017-05-17 2020-07-14 Threatmodeler Software Inc. Systems and methods for automated threat model generation from third party diagram files
US10747876B2 (en) * 2017-05-17 2020-08-18 Threatmodeler Software Inc. Systems and methods for assisted model generation
US10699008B2 (en) 2017-05-17 2020-06-30 Threatmodeler Software Inc. Threat model chaining and attack simulation systems and related methods
US10782964B2 (en) * 2017-06-29 2020-09-22 Red Hat, Inc. Measuring similarity of software components
US10523695B2 (en) * 2017-07-24 2019-12-31 Sap Se Threat modeling tool using machine learning
CN108282460B (zh) * 2017-12-19 2020-06-09 中国科学院信息工程研究所 一种面向网络安全事件的证据链生成方法及装置
RU2715025C2 (ru) * 2018-04-19 2020-02-21 Акционерное общество "Лаборатория Касперского" Способ автоматизированного тестирования программно-аппаратных систем и комплексов
CN111224941B (zh) * 2019-11-19 2020-12-04 北京邮电大学 一种威胁类型识别方法及装置

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050229256A2 (en) * 2001-12-31 2005-10-13 Citadel Security Software Inc. Automated Computer Vulnerability Resolution System
EP1768044A2 (fr) * 2005-09-22 2007-03-28 Alcatel Recoupement d'informations de vulnérabilité de sécurité

Family Cites Families (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030236652A1 (en) 2002-05-31 2003-12-25 Battelle System and method for anomaly detection
US7530105B2 (en) * 2006-03-21 2009-05-05 21St Century Technologies, Inc. Tactical and strategic attack detection and prediction
US20070291118A1 (en) * 2006-06-16 2007-12-20 Shu Chiao-Fe Intelligent surveillance system and method for integrated event based surveillance
CA2669197A1 (fr) * 2006-12-28 2008-07-10 Arcsight, Inc. Stockage efficace de donnees de journal tout en supportant une interrogation pour accroitre la securite d'un reseau informatique
US8505092B2 (en) * 2007-01-05 2013-08-06 Trend Micro Incorporated Dynamic provisioning of protection software in a host intrusion prevention system
US8392997B2 (en) 2007-03-12 2013-03-05 University Of Southern California Value-adaptive security threat modeling and vulnerability ranking
EP2163063A2 (fr) * 2007-05-24 2010-03-17 Iviz Techno Solutions Pvt. Ltd Procédé et système pour simuler une attaque de pirate sur un réseau
US8584233B1 (en) * 2008-05-05 2013-11-12 Trend Micro Inc. Providing malware-free web content to end users using dynamic templates
CN101599855A (zh) * 2008-11-10 2009-12-09 南京大学 基于攻击模式建模的复合攻击关联及攻击场景构建方法
CN101452469B (zh) * 2008-12-24 2011-03-23 天津大学 基于攻击模式的软件安全缺陷库系统及其管理方法
CN101655787A (zh) * 2009-02-24 2010-02-24 天津大学 加入攻击路径形式化分析的威胁建模方法
US10447709B2 (en) * 2010-12-29 2019-10-15 Rapid7, Inc. Methods and systems for integrating reconnaissance with security assessments for computing networks
CN102103677A (zh) * 2011-03-09 2011-06-22 天津大学 威胁模型驱动的软件安全评估方法
US8418249B1 (en) * 2011-11-10 2013-04-09 Narus, Inc. Class discovery for automated discovery, attribution, analysis, and risk assessment of security threats
CN102447695B (zh) * 2011-11-14 2015-12-09 中国科学院软件研究所 一种识别业务系统中关键攻击路径的方法
CN103312679B (zh) * 2012-03-15 2016-07-27 北京启明星辰信息技术股份有限公司 高级持续威胁的检测方法和系统
CN102638458B (zh) * 2012-03-23 2015-09-09 中国科学院软件研究所 识别脆弱性利用安全威胁并确定相关攻击路径的方法
US8863293B2 (en) 2012-05-23 2014-10-14 International Business Machines Corporation Predicting attacks based on probabilistic game-theory
US20130325545A1 (en) 2012-06-04 2013-12-05 Sap Ag Assessing scenario-based risks
PE20151242A1 (es) 2012-09-18 2015-08-29 Univ George Washington Sistema de defensa de red emergente
US8935784B1 (en) * 2013-03-15 2015-01-13 Symantec Corporation Protecting subscribers of web feeds from malware attacks
US9264444B2 (en) * 2013-05-21 2016-02-16 Rapid7, Llc Systems and methods for determining an objective security assessment for a network of assets
US9953163B2 (en) * 2014-02-23 2018-04-24 Cyphort Inc. System and method for detection of malicious hypertext transfer protocol chains
US9665721B2 (en) * 2014-04-23 2017-05-30 NSS Labs, Inc. Threat and defense evasion modeling system and method
US9680855B2 (en) * 2014-06-30 2017-06-13 Neo Prime, LLC Probabilistic model for cyber risk forecasting
US10783254B2 (en) * 2014-10-02 2020-09-22 Massachusetts Institute Of Technology Systems and methods for risk rating framework for mobile applications
US10083303B2 (en) * 2014-10-03 2018-09-25 New York University System, method and computer-accessible medium for security verification of third party intellectual property cores
US10574675B2 (en) * 2014-12-05 2020-02-25 T-Mobile Usa, Inc. Similarity search for discovering multiple vector attacks
US9760426B2 (en) * 2015-05-28 2017-09-12 Microsoft Technology Licensing, Llc Detecting anomalous accounts using event logs
US9699205B2 (en) 2015-08-31 2017-07-04 Splunk Inc. Network security system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050229256A2 (en) * 2001-12-31 2005-10-13 Citadel Security Software Inc. Automated Computer Vulnerability Resolution System
EP1768044A2 (fr) * 2005-09-22 2007-03-28 Alcatel Recoupement d'informations de vulnérabilité de sécurité

Also Published As

Publication number Publication date
WO2016090269A2 (fr) 2016-06-09
EP3216193A2 (fr) 2017-09-13
WO2016090269A3 (fr) 2016-07-28
CN107251038A (zh) 2017-10-13
EP3216193B1 (fr) 2019-11-13
US10216938B2 (en) 2019-02-26
US20160162690A1 (en) 2016-06-09

Similar Documents

Publication Publication Date Title
EP3140871A4 (fr) Matériaux à base d'imidazophénanthridine stabilisés
EP3095034A4 (fr) Système de cybersécurité
EP3132035B8 (fr) Mutations par délétion
EP3294671A4 (fr) Biocharbon amélioré
EP3161718A4 (fr) Architecture de cryptage
EP3212231A4 (fr) Anticorps anti-tim -3
EP3040826A4 (fr) Téléphone intelligent
GB201413018D0 (en) Beyond 1A
EP3171299A4 (fr) Multicarte à puce
EP3177551A4 (fr) Technique d'exécution de commande
EP3226856A4 (fr) Traitements combinés
EP3212229A4 (fr) Anticorps anti-tim -3
EP3205947A4 (fr) Filtre
EP3155323A4 (fr) Four
EP3218671A4 (fr) Niveau
EP3201582A4 (fr) Systèmes à combinaison de capteurs
EP3174418A4 (fr) Système de fermeture
EP3240164A4 (fr) Actionneur
EP3238101A4 (fr) Opérations de graphe
EP3318805A4 (fr) Four
EP3238106A4 (fr) Politique de compactage
EP3216193A4 (fr) Modélisation de menaces recombinante
EP3111310A4 (fr) Groupage de zones
EP3238125A4 (fr) Mises à jour de confiance
EP3098417A4 (fr) Moteur

Legal Events

Date Code Title Description
17P Request for examination filed

Effective date: 20170605

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

DAX Request for extension of the european patent (deleted)
DAV Request for validation of the european patent (deleted)
RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 29/06 20060101ALI20180605BHEP

Ipc: G06F 17/30 20060101ALI20180605BHEP

Ipc: H04L 12/24 20060101ALI20180605BHEP

Ipc: G06F 21/57 20130101AFI20180605BHEP

A4 Supplementary search report drawn up and despatched

Effective date: 20180611

17Q First examination report despatched

Effective date: 20190123

REG Reference to a national code

Ref country code: DE

Ref legal event code: R079

Ref document number: 602015041812

Country of ref document: DE

Free format text: PREVIOUS MAIN CLASS: H04L0029060000

Ipc: G06F0021570000

GRAP

Free format text: ORIGINAL CODE: EPIDOSNIGR1

RIC1 Information provided on ipc code assigned before grant

Ipc: G06F 21/57 20130101AFI20190508BHEP

Ipc: H04L 12/24 20060101ALI20190508BHEP

Ipc: H04L 29/06 20060101ALI20190508BHEP

Ipc: G06F 16/00 20190101ALI20190508BHEP

INTG Intention to grant announced

Effective date: 20190605

GRAS

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

Ref country code: AT

Ref legal event code: REF

Ref document number: 1202427

Country of ref document: AT

Kind code of ref document: T

Effective date: 20191115

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 602015041812

Country of ref document: DE

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: NL

Ref legal event code: MP

Effective date: 20191113

REG Reference to a national code

Ref country code: LT

Ref legal event code: MG4D

PGFP Annual fee paid to national office [announced from national office to epo]

Ref country code: GB

Payment date: 20200302

Year of fee payment: 5

Ref country code: DE

Payment date: 20200302

Year of fee payment: 5

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LV

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

Ref country code: PL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200214

Ref country code: NO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200213

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200313

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200213

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

Ref country code: LT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: HR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

Ref country code: RS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200313

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: AL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 602015041812

Country of ref document: DE

REG Reference to a national code

Ref country code: AT

Ref legal event code: MK05

Ref document number: 1202427

Country of ref document: AT

Kind code of ref document: T

Effective date: 20191113

REG Reference to a national code

Ref country code: BE

Ref legal event code: MM

Effective date: 20191231

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

Ref country code: SM

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

Ref country code: MC

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

26N No opposition filed

Effective date: 20200814

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20191204

Ref country code: FR

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20200113

Ref country code: IE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20191204

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20191231

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20191231

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20191231

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20191113